Administration of an access control list to femto cell coverage

ABSTRACT

A system, method, and apparatus for facilitating management of access to femto cell coverage is provided. A femto access point provides access to the femto cell coverage and a subset of services to at least one communication device included in an access control list associated with the femto access point. An access management component utilizes an access criteria to edit the access control list. The access criteria includes criteria for adding a communication device to the access control list and criteria for automatically removing the added communication device from the access control list.

CROSS-REFERENCE TO RELATED APPLICATION

This application claims the benefit of U.S. Provisional Patentapplication Ser. No. 61/052,813 entitled “MANAGEMENT OF ACCESS TO FEMTOCELL COVERAGE” and filed on May 13, 2008. The entirety of theabove-referenced application is incorporated by reference herein.

TECHNICAL FIELD

The subject innovation generally relates to wireless communications andmore particularly to facilitating management of access to femto cellcoverage.

BACKGROUND

Femtocells—building-based wireless access points interfaced with a wiredbroadband network—are generally deployed to improve indoor wirelesscoverage provided by a wireless network operator. Femtocells typicallyoperate in licensed portions of the electromagnetic spectrum, andgenerally offer plug-and-play installation; e.g., automaticconfiguration of femto access point. Improved indoor coverage includesstronger signal and improved reception (e.g., voice or sound), ease ofsession or call initiation and session or call retention as well.Coverage of a femtocell, or femto AP, is intended to be confined withinthe bounds of an indoor compound, in order to mitigate interferenceamong mobile stations covered by a macro cell and terminals covered bythe femto AP. Additionally, confined coverage can reduce cross-talkamong terminals serviced by disparate, neighboring femtocells as well.

Coverage improvements via femtocells also can mitigate customerattrition as long as a favorable subscriber perception regarding voicecoverage and other data services with substantive delay sensitivity isattained. A positive customer experience can depend on adequate accessmanagement to femtocell service.

It can be desirable to encourage communication devices to utilize afemtocell owned/operated by a subscriber and services available via thefemtocell, as it can facilitate communication of information betweencommunication devices and respective users of those communicationdevices and/or can generate income for the subscriber that owns/operatesthe femtocell. It also can be desirable to manage access of wirelesscommunication devices to a femtocell to facilitate efficient use ofbandwidth and services associated with the femtocell. It also can bedesirable to manage access of wireless communication devices to afemtocell in order to facilitate reducing unnecessary signaling betweena femtocell and a communication device(s) in the coverage area of thefemtocell, where the communication device(s) is not desiring or is notauthorized to access the femtocell.

SUMMARY

The following presents a simplified summary of the innovation in orderto provide a basic understanding of some aspects of the invention. Thissummary is not an extensive overview of the invention. It is intended toneither identify key or critical elements of the invention nor delineatethe scope of the invention. Its sole purpose is to present some conceptsof the invention in a simplified form as a prelude to the more detaileddescription that is presented later.

The subject innovation provides system(s) and method(s) to manage accessto femtocell service through access control list(s), or “white list(s).”In an aspect, the white list(s) can be configured via a networkedinterface that can facilitate access management to a femtocell. A whitelist(s) can include a set of subscriber station(s) identifier numbers,codes or tokens, and can also include additional fields that canfacilitate femtocell access management based at least in part on desiredcomplexity.

In an aspect, the femtocell can facilitate automatically querying asubscriber station(s) (e.g., cellular phone, computer, . . . ), which isdetected in a femtocell coverage area of the femtocell, to prompt thesubscriber station(s) to access or request access to the femtocell andservices associated therewith to facilitate populating the white listwith desired subscriber stations. In an aspect, the femtocell (e.g.,femto access point) can detect a subscriber station(s) that has entereda femtocell coverage area of the femtocell. The femtocell can include anaccess management component that can facilitate managing access tofemtocell coverage and services associated therewith. The accessmanagement component can automatically generate and transmit a query toa detected subscriber station to prompt the subscriber station to accessor request to access the femtocell and associated services and to beentered on the white list(s) of the femtocell. In response to the query,the subscriber station can opt in to access the femtocell and associatedservices, or subset thereof, and to be entered on the white list(s) on apermanent basis or temporary basis, or can opt out of accessing thefemtocell and associated services.

The access management component can determine whether to grant access tothe femtocell and an associated subset of services, on a temporary orpermanent basis, based at least in part on slot availability of thefemtocell (and white list) and other predefined access criteria, and/ora request (e.g., request to opt in to access the femtocell on atemporary basis, request to opt in to access the femtocell on apermanent basis) received from the subscriber station. The accessmanagement component can store information related to the subscriberstation in the white list on a permanent or temporary basis, when thesubscriber station is granted access to the femtocell and the subset ofservices. When granted access to the femtocell and subset of services,the subscriber station can communicate with other subscriber stationsand/or can access and utilize the subset of services provided via thefemtocell. When information related to the subscriber station is storedin the white list on a temporary basis, the information related to thesubscriber station can be deleted from the white list when a predefinedperiod of time (or an extension to the predefined period of time) isexpired or the subscriber station is no longer detected by the femtocell(e.g., subscriber station leaves the femtocell coverage area, subscriberstation is powered down). Access to the femtocell and the associatedsubset of services by the subscriber station can be terminated when thegrant of access has expired (e.g., when granted on a temporary basis)and/or the subscriber station has left the femtocell coverage area or ispowered down.

The access management component can determine whether to deny access toa femtocell and an associated subset of services on a temporary orpermanent basis, based at least in part on predefined access criteriaand/or a request (e.g., request to opt out of access the femtocell on atemporary basis, request to opt out of access the femtocell on apermanent basis) received from the subscriber station. The accessmanagement component can store information related to the subscriberstation in a black list associated with the femtocell on a permanent ortemporary basis, when the subscriber station is denied access (orrefuses access) to the femtocell and the subset of services, based atleast in part on the predefined access criteria or the request (e.g.,request to opt out of access the femtocell on a temporary basis, requestto opt out of access the femtocell on a permanent basis) received fromthe subscriber station. When information related to the subscriberstation is stored in the black list on a temporary basis, theinformation related to the subscriber station can be deleted from theblack list when a predefined period of time is expired or the subscriberstation is no longer detected by the femtocell (e.g., subscriber stationleaves the femtocell coverage area, subscriber station is powered down).

To the accomplishment of the foregoing and related ends, the invention,then, comprises the features hereinafter fully described. The followingdescription and the annexed drawings set forth in detail certainillustrative aspects of the invention. However, these aspects areindicative of but a few of the various ways in which the principles ofthe invention may be employed. Other aspects, advantages and novelfeatures of the invention will become apparent from the followingdetailed description of the invention when considered in conjunctionwith the drawings.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 a schematic deployment of a macro cell and a femtocell forwireless coverage in accordance with aspects described herein.

FIG. 2 is a block diagram of an example system that can facilitateselection of subscribers and/or subscriber stations to access coveragefrom a femtocell in accordance with an embodiment of the disclosedsubject matter.

FIG. 3 is a block diagram of an example system that can interactivelyprompt communication devices to facilitate automatically populating awhite list(s) associated with a femto AP and management of access ofcommunication devices to a femto AP in accordance with an aspect of thedisclosed subject matter.

FIG. 4 is a block diagram an example access management component thatcan facilitate management of an access control list(s) and access ofsubscribers and subscriber stations to a femtocell in accordance with anaspect of the disclosed subject matter.

FIG. 5 illustrates a flowchart of an example methodology for managingaccess of subscribers and subscriber stations to cell coverage inaccordance with an aspect of the disclosed subject matter.

FIG. 6 illustrates a flowchart of an example methodology forfacilitating management of access to femto cell coverage in accordancewith an aspect of the disclosed subject matter.

FIG. 7 illustrates a block diagram of various sources from which anaccess management component may depend for facilitating management ofaccess to femto cell coverage in accordance with an aspect of thedisclosed subject matter.

FIG. 8 illustrates a flowchart of an example methodology for adding andautomatically removing devices to/from an access control list inaccordance with an aspect of the disclosed subject matter.

FIG. 9 depicts a flowchart of an example methodology that cantemporarily store information related to a subscriber station andassociated subscriber in a white list(s) to facilitate managing accessof subscribers and subscriber stations to femtocell coverage inaccordance with an aspect of the disclosed subject matter.

FIG. 10 is a block diagram of an example system that can facilitatesharing white list(s) and/or black list(s) among subscribers of awireless network service in order to provide straightforward accessconfiguration to, and activation of, a femtocell among femtocellsubscribers.

FIG. 11 is a block diagram of an example system that can facilitatemanagement of a white list(s) and a black list(s) associated with afemtocell in accordance with an aspect of the disclosed subject matter.

FIG. 12 illustrates a block diagram of an example system that canfacilitate addition of subscriber(s)/subscriber station(s) to one ormore white lists associated with a femtocell in accordance with anaspect of the disclosed subject matter.

FIG. 13 depicts a block diagram of an example system that can manage adefined logic relating to maintaining content(s) in a white list(s) on awhite list database and a black list(s) in a black list database inaccordance with an aspect of the disclosed subject matter.

FIG. 14 illustrates a block diagram of an example system that caninitialize a white list(s) to femto coverage for a subscriber stationwith available subscriber station identifier numbers, codes or tokensavailable on a service account in accordance with an aspect of thedisclosed subject matter.

FIG. 15 depicts a block diagram of an example system that can facilitatemanagement of access of a femto access point by a communication deviceon a request from the communication device in accordance with an aspectof the disclosed subject matter.

FIG. 16 depicts a block diagram of example macro and femto wirelessnetwork environments that can exploit femto APs in accordance withvarious aspects of the disclosed subject matter.

FIG. 17 is a block diagram of an example femto access point thatoperates in accordance with aspects disclosed in the subjectspecification.

DETAILED DESCRIPTION

The subject innovation is now described with reference to the drawings,wherein like reference numerals are used to refer to like elementsthroughout. In the following description, for purposes of explanation,numerous specific details are set forth in order to provide a thoroughunderstanding of the present invention. It may be evident, however, thatthe present invention may be practiced without these specific details.In other instances, well-known structures and devices are shown in blockdiagram form in order to facilitate describing the present invention.

As used in this application, the terms “component,” “system,”“platform,” and the like can refer to a computer-related entity or anentity related to an operational machine with one or more specificfunctionalities. The entities disclosed herein can be either hardware, acombination of hardware and software, software, or software inexecution. For example, a component may be, but is not limited to being,a process running on a processor, a processor, an object, an executable,a thread of execution, a program, and/or a computer. By way ofillustration, both an application running on a server and the server canbe a component. One or more components may reside within a processand/or thread of execution and a component may be localized on onecomputer and/or distributed between two or more computers. Also, thesecomponents can execute from various computer readable media havingvarious data structures stored thereon. The components may communicatevia local and/or remote processes such as in accordance with a signalhaving one or more data packets (e.g., data from one componentinteracting with another component in a local system, distributedsystem, and/or across a network such as the Internet with other systemsvia the signal).

In addition, the term “or” is intended to mean an inclusive “or” ratherthan an exclusive “or.” That is, unless specified otherwise, or clearfrom context, “X employs A or B” is intended to mean any of the naturalinclusive permutations. That is, if X employs A; X employs B; or Xemploys both A and B, then “X employs A or B” is satisfied under any ofthe foregoing instances. Moreover, articles “a” and “an” as used in thesubject specification and annexed drawings should generally be construedto mean “one or more” unless specified otherwise or clear from contextto be directed to a singular form.

Moreover, terms like “user equipment,” “mobile station,” “mobile,”“subscriber station,” “communication device,” “access terminal,”“terminal,” “handset,” and similar terminology, refer to a wirelessdevice utilized by a subscriber or user of a wireless communicationservice to receive or convey data, control, voice, video, sound, gaming,or substantially any data-stream or signaling-stream. The foregoingterms are utilized interchangeably in the subject specification andrelated drawings. Likewise, the terms “access point,” “base station,”“Node B,” “evolved Node B,” “home Node B (HNB),” and the like, areutilized interchangeably in the subject application, and refer to awireless network component or appliance that serves and receives data,control, voice, video, sound, gaming, or substantially any data-streamor signaling-stream from a set of subscriber stations. Data andsignaling streams can be packetized or frame-based flows.

Furthermore, the terms “user,” “subscriber,” “customer,” “consumer,”“prosumer,” “agent,” and the like are employed interchangeablythroughout the subject specification, unless context warrants particulardistinction(s) among the terms. As utilized herein, the term “prosumer”indicate the following contractions: professional-consumer andproducer-consumer.

The following abbreviations are relevant to the subject specification.

3G Third Generation

3GPP Third Generation Partnership Project

AGPS Assisted GPS

AP Access Point

ADSL Asymmetric Digital Subscriber Line

AWS Advanced Wireless Services

BRAS Broadband Remote Access Server

BTA Basic Trading Area

CN Core Network

CS Circuit-Switched

CSCF Call Session Control Function

CPE Customer Premise Equipment

CPN Customer Premise Network

DHCP Dynamic Host Configuration Protocol

DSL Digital Subscriber Line

DSLAM Digital Subscriber Line Access Multiplexer

E911 Enhanced 911

FCC Federal Communications Commission

FL Forward Link

GGSN Gateway GPRS Service Node

GPRS General Packet Radio Service

GPS Global Positioning System

GW Gateway

HAP Home Access Point

HSS Home Subscriber Server

ISDN Integrated Services Digital Network

UE User Equipment

UTRAN Universal Terrestrial Radio Access Network

IMS IP Multimedia Subsystem

IP Internet Protocol

ISP Internet Service Provider

MSA Metropolitan Statistical Areas

MSISDN Mobile Subscriber ISDN Number

MTA Major Trading Areas

NAT Network Address Translation

NTP Network Time Protocol

O&M Operation and Maintenance

PC Personal Computer

PCS Personal Communications Service

PS Packet-Switched

PSTN Public Switched Telephone Network

RAN Radio Access Network

RBS Radio Base Station

RL Reverse Link

RNC Radio Network Controller

RSA Rural Service Area

SGSN Serving GPRS Support Node

SIP Session Initiation Protocol

USSD Unstructured Supplementary Service Data

VPN Virtual Private Network

WAP Wireless Application Protocol

XDSL Asynchronous-DSL or Synchronous-DSL

Referring to the drawings, FIG. 1 illustrates a schematic wirelessenvironment 100 (e.g., a network) in which a femtocell can exploitvarious aspects of the subject innovation in accordance with thedisclosed subject matter. In wireless environment 100, area 105 canrepresent a coverage macro cell which can be served by base station 110.Macro coverage is generally intended for outdoors locations forservicing mobile wireless devices, like UE 120 _(A), and such coverageis achieved via a wireless link 115. In an aspect, UE 120 can be a 3GPPUniversal Mobile Telecommunication System (UMTS) mobile phone.

Within macro coverage cell 105, a femtocell 145, served by a femtoaccess point 130, can be deployed. A femtocell typically can cover anarea 125 that is determined, at least in part, by transmission powerallocated to femto AP 130, path loss, shadowing, and so forth. Coveragearea typically can be spanned by a coverage radius that ranges from 20to 50 meters. Confined coverage area 145 is generally associated with anindoors area, or a building, which can span about 5000 sq. ft.Generally, femto AP 130 typically can service a number (e.g., a few ormore) wireless devices (e.g., subscriber station 120 _(B)) withinconfined coverage area 145. In an aspect, femto AP 130 can integrateseamlessly with substantially any PS-based and CS-based network; forinstance, femto AP 130 can integrate into an existing 3GPP Core viaconventional interfaces like Iu-CS, Iu-PS, Gi, Gn. In another aspect,femto AP 130 can exploit high-speed downlink packet access in order toaccomplish substantive bitrates. In yet another aspect, femto AP 130 hasa LAC (location area code) and RAC (routing area code) that can bedifferent than the underlying macro network. These LAC and RAC are usedto identify subscriber station location for a variety of reasons, mostnotably to direct incoming voice and data traffic to appropriate pagingtransmitters.

As a subscriber station, e.g., UE 120 _(A), leaves macro coverage (e.g.,cell 105) and enters femto coverage (e.g., area 125), as illustrated inenvironment 100, UE 120 _(A) can attempt to attach to the femto AP 130through transmission and reception of attachment signaling, effected viaa FL/RL 135; in an aspect, the attachment signaling can include aLocation Area Update (LAU) and/or Routing Area Update (RAU). Attachmentattempts are a part of procedures to ensure mobility, so voice calls andsessions can continue even after a macro-to-femto transition or viceversa. It is to be noted that UE 120 can be employed seamlessly aftereither of the foregoing transitions. Femto networks are also designed toserve stationary or slow-moving traffic with reduced signaling loadscompared to macro networks. A femto service provider (e.g., an entitythat commercializes, deploys, and/or utilizes femto access point 130)therefore can be inclined to minimize unnecessary LAU/RAU signalingactivity at substantially any opportunity to do so, and throughsubstantially any available means. It is to be noted that substantiallyany mitigation of unnecessary attachment signaling/control can beadvantageous for femtocell operation. Conversely, if not successful, UE120 generally can be commanded (through a variety of communicationmeans) to select another LAC/RAC or enter “emergency calls only” mode.It is to be appreciated that this attempt and handling process canoccupy significant UE battery, and femto AP capacity and signalingresources as well.

When an attachment attempt is successful, UE 120 can be allowed onfemtocell 125 and incoming voice and data traffic can be paged androuted to the subscriber station through the femto AP 130. It is to benoted also that data traffic is typically routed through a backhaulbroadband wired network backbone 140 (e.g., optical fiber backbone,twisted-pair line, T1/E1 phone line, DSL, or coaxial cable). To thisend, femto AP 130 can be connected to the broadband backhaul networkbackbone 140 via a broadband modem (not shown).

It is to be noted that as a femto AP 130 generally can rely on abackhaul network backbone 140 for routing and paging, and for packetcommunication, substantially any quality of service can handleheterogeneous packetized traffic. Namely, packet flows established forwireless communication devices (e.g., terminals 120 _(A) and 120 _(B))served by femto AP 130, and for devices served through the backhaulnetwork pipe 140. It is to be noted that to ensure a positive subscriberexperience, or perception, it is desirable for femto AP 130 to maintaina high level of throughput for traffic (e.g., voice and data) utilizedon a mobile device for one or more subscribers while in the presence ofexternal, additional packetized, or broadband, traffic associated withapplications (e.g., web browsing, data transfer (e.g., content upload),and the like) executed in devices within the femto coverage area (e.g.,area 125 or area 145).

FIG. 2 is a block diagram of an example system 200 that can facilitateselection of subscribers and/or subscriber stations to access coveragefrom a femtocell in accordance with an embodiment of the disclosedsubject matter. In an aspect, selection of subscribers and/or subscriberstations can enable or disable femtocell coverage for specificsubscriber(s) or subscriber station(s). A means provided by examplesystem 200 to facilitate authorizing, denying, revoking, and/orterminating access to specific subscribers, or subscriber station(s),comprises what is herein termed as a “White List(s)” (e.g., accesscontrol list(s))—an instrument that can facilitate management of accessto femtocell coverage.

In example system 200, an interface component 210 can facilitateconfiguration, or set up, of a list(s) (e.g., white list 220, black list222) of wireless mobile station numbers approved for coverage throughfemto access point 130. It is to be noted that substantially anyidentification token(s), label(s), or code(s) that can facilitateidentifying a subscriber station can be employed to identify asubscriber station in a white list 220 or black list 222. In an aspect,a white list(s) 220 associated with femto AP 130 can include informationrelated to subscriber stations and respectively associated subscribersthat are granted respective levels of access to the femto AP 130 on apermanent or temporary basis. In another aspect, a black list(s) 222associated with femto AP 130 can include information related tosubscriber stations and respectively associated subscribers that are notgranted access to the femto AP 130, where the opting out (e.g., refusal)or denial of coverage by the femto AP 130 can result in such subscriberstations being included on the black list(s) on a permanent or temporarybasis.

In an aspect, the interface 210 can be networked (e.g., via a WAN, LAN,or backhaul pipe) with femto AP 130 and can convey white list(s) 220and/or black list(s) 222 over network link(s) 225. In an aspect,interface component 210 can be a web-based, online graphic userinterface (GUI), and/or other networked interfaces, which can facilitateentering or configuring a white list 220 or black list 222, can beemployed, as desired, such as, for example, voice or sound commandedinterface(s), touch commanded interface(s), biometric commandedinterfaces(s), and the like. A communication platform 255 can facilitatereception of the white list(s) 220 and/or black list(s) 222 and canconvey white list(s) 220 and/or black list(s) 222 to an accessmanagement component 235 that can exploit the white list(s) 220 and/orblack list(s) 222 to facilitate managing access to coverage provided byfemto AP 130 to subscriber stations and associated subscribers. Whitelist(s) 220 and/or black list(s) 222 can be stored in the data storage245 in the femto AP 130; and, as desired, white list(s) 220 and/or blacklist(s) 222 can be stored in disparate network components such asnetwork component administered by a service operator. In addition,interface component 210 can access a subscriber database through network230, in order to extract identification numbers, codes, tokens, orlabels for subscribers/subscriber stations that can be entered in awhite list 220 and/or black list 222.

In an illustrative, not-limiting aspect of the subject innovation, whitelist(s) 220 (or any set of numbers, codes or tokens thereon, that cancomprise a set of subscriber stations (e.g., mobile phones) approved forcoverage by femto AP 130) and/or black list(s) 222 (or any set ofnumbers, codes or tokens thereon, that can comprise a set of subscriberstations (e.g., mobile phones) not approved for coverage by femto AP130) can be portable through accounts or billing groups associated witha set of subscribers to a service operator that can administer femto AP130, or a macro network. As an illustration, white list(s) 220 and/orblack list(s) 222 each can support up to N fields (N a positive integer;e.g., N=50) for unique mobile phone numbers (e.g., MSIDSNs), or anysuitable identifying codes or tokens. The number N of fields can bedetermined, or configured, by a service operator based at least in parton technical aspects (e.g., network resources, quality of serviceconsideration, macro area of coverage (e.g., MSA/RSA, . . . ) andcommercial aspects (e.g., promotional considerations, mitigation ofcustomer attrition, gains in market share, etc.) aspects of provision ofcoverage. As an example, N can be subscriber dependent or femto APdependent.

In contrast to management of access authorization via femto AP 130, itshould be appreciated that configuration of white list(s) 220 (e.g.,registration authorization for femto coverage) and/or black list(s) 222through a network mechanism(s) (e.g., interface component 210) canprovide at least the following advantages. It is to be noted that thefollowing advantages are illustrative and not limiting, as otheradvantages associated with white list(s) 220 and/or black list(s) 222,as are realized, are intended to lay within the scope of theinnovation(s) described in the subject specification. (1) Access througha networked interface (e.g., online or otherwise) can reduceprovisioning lead time and provides a means for customers to update andpersonalize a femto AP autonomously (e.g., free of interaction withtechnical support entities) at substantially any time. (2) Securityagainst devices attempting to hack into the femto AP when networked withit, and support of extensible sharing/networking of the authorizationscheme. (3) Networked interface (e.g., online or otherwise) can providea superior, rich customer experience substantially free ofrequirement(s) to understand/interpret femto AP programming interface orconfiguration nomenclature. (4) End user(s) can manage (e.g., removeselect covered numbers, or add additional numbers for coverage up to anallotted amount for white list(s) associated with the user. (5) Capacityto determined Quality of Service (QoS), grade of service, or serviceexperience, for specific authorized subscribers. (6) Capacity to checkfor valid wireless device numbers, codes or tokens (e.g., MSISDNs);subscriber's active numbers, codes or tokens; and numbers, codes ortokens on service accounts in good standing; such capacity can beprovided through networked access to a subscriber database 260.

White list(s) 220 and black list(s) 222 can facilitate management ofaccess to coverage by a femto AP (e.g., femto AP 130) and servicesassociated with the femto AP. Various illustrative aspects of innovationbased at least in part on a white list concept also are discussedherein. It is to be noted, notwithstanding, that variations andextensions of such illustrative aspects can be realized and are withinthe scope of the subject innovation.

FIG. 3 is a block diagram of an example system 300 that caninteractively prompt communication devices to facilitate automaticallypopulating a white list(s) associated with a femto AP and management ofaccess of communication devices to a femto AP in accordance with anaspect of the disclosed subject matter. In example system 300, the femtoAP 130 can scan a frequency spectrum or band in which communicationdevices can communicate to facilitate detecting communication devicesthat are in the cell coverage area (e.g., area 125) of the femto AP 130.The femto AP 130 can automatically detect a communication device(s) 310(e.g., subscriber station(s), such as a mobile phone) that enters thecell coverage area of the femto AP 130. In an aspect, the accessmanagement component 235 can facilitate automatically generating andtransmitting a query 315, which can be transmitted by the communicationplatform 255, to the communication device(s) 310 via FL/RL 135 toinquire as to whether the communication device(s) 310 desires to connect(e.g., wirelessly connect) to the femto AP 130 to access servicesassociated with the femto AP 130 and be entered on a white list(s) 220associated with the femto AP 130. Interactively prompting detectedcommunication devices 310 to opt in to the white list(s) 220 of thefemto AP 130 and accessing services associated with the femto AP 130 canfacilitate automatically populating the white list(s) 220. Thecommunication device(s) 310 can communicate a response to the prompt orquery 315 to accept the invitation to opt in to the white list(s) 220and request access to the femto AP 130 or can reject the prompt. Inanother aspect, a communication device(s) 310 can enter the cellcoverage area of the femto AP 130 and can convey a request or query 315to facilitate accessing coverage of femto AP 130. Such a query 315 orrequest can be received by communication platform 255 via a FL/RL 135.In an aspect, the query 315 can be conveyed via an online GUI, an emailmessage, a SMS message, MMS message, a voice mail, a web prompt, USSD(or * and # codes), and the like.

In another aspect, the access management component 235 can be configuredto allow or reject the request for access by the communication device(s)310, where allowance or rejection of a request can be based at least inpart on various metrics (e.g., predefined access criteria), such assecurity, type of communication device, profile of subscriber thatoperates/operated the communication device 310 that requests access,historical information regarding the communication device or associateduser (e.g., abusive use of the femto AP 130 and associated services),available bandwidth, bandwidth requirements of the communication device,etc. Upon allowance of a request, the access management component 235can query for available slots to be filled in white list(s) 220associated with accounts served by femto AP 130, and when space isavailable in the white list(s) 220 for a subscriber station identifiernumber (e.g., MSISDN), code or token, and/or other information, thequery can further probe whether access is allowed on a permanent ortemporary basis (e.g., to reduce risk exposure to security problems,maintain available space on white list(s) 220 for other communicationdevices 310, etc.). Characteristics of femto coverage allowance can beset or pre-set through the access management component 225.

Subsequent to allowance and examination of information related torelevant white list(s) 220, access management component 235 can updatewhite list(s) 220, which can be stored in data storage 245, to reflectthe approved request for femto coverage by the femto AP 130. It is to benoted that access and update of collected subscriber identifier numbers(e.g., MSISDN), codes or token, can also be effected throughnetwork-based white list database(s). The white list(s) 220 can beupdated to include desired information regarding the communicationdevice(s) 310, where the information can include, for example,identifier numbers, codes, or token of the communication device(s) 310,type of communication device(s) 310, services that can be utilized bythe communication device(s) 310, type of access granted and/or thesubset services associated with the femto AP 130 for which access isgranted, type of technologies (e.g., communication technologies)supported by the communication device(s), bandwidth requirements of thecommunication device(s) 310, bandwidth allocated to the communicationdevice(s) 310, QoS policy associated with the communication device(s)310, time the communication device(s) 310 is entered on the whitelist(s) 220, and/or historical data (e.g., usage data related to use ofthe femto AP 130 by the communication device(s) 310), etc.

In an aspect, when a communication device 310 is placed (e.g., stored)in the white list(s) 220 on a temporary basis, information related tothe communication device 310 can remain on the white list(s) 220 until aspecified condition(s) is met. The specified condition can comprise, forexample, the communication device 310 temporarily remains on the whitelist(s) 220 for a predetermined amount of time (or a specified extendedamount of time when the communication device 310 requests and is grantedan extended amount of time), the communication device 310 temporarilyremains on the white list(s) 220 until the communication device 310leaves the coverage area of the femto AP 130, and/or the communicationdevice 310 temporarily remains on the white list(s) 222 until thecommunication device 310 is powered down (e.g., turned off, batterydischarged, or re-booted, as desired. Once a specified condition is met,the access management component 235 can facilitate updating the whitelist(s) 220 to delete information related to the communication device310 from the white list(s) 220, and the updated white list(s) 220 can bestored in data storage 245.

In another aspect, the access management component 235 can grant accessto a subset of services associated with the femto AP 130 to thecommunication device 310 that is granted access to the femto AP 130. Theservices contained in the subset of services can be determined based atleast in part on the predefined access criteria. In an aspect, thepredefined access criteria can relate to, for example, informationstored in a white list(s) associated with the femto AP 130, the servicesavailable from the femto AP 130, type of communication device 310,bandwidth available to be allocated to the communication device 310,services that can be utilized by the communication device 310,historical data associated with the communication device(s) 310 inrelation to the femto AP 130, QoS, type of technologies (e.g.,communication technologies) supported by the communication device(s),type(s) of service(s) requested by the communication device(s), etc.

In an aspect, the services that can be associated with and/or providedvia the femto AP 130 can be as desired, and can include, for example,voice services (e.g., wireless mobile phone calls), data services (e.g.,messaging, Internet access, . . . ), applications, electronic gaming,and/or access to content (e.g., audio content, video content, multimediacontent, . . . ). The femto AP 130 also can be connected (e.g., wiredwirelessly) to electronic devices in addition to communication devices,where the electronic devices can comprise, for example, digital videorecorders/players, digital music recorders/players, analog videorecorders/players (with digital conversion), analog musicrecorders/players (with analog conversion), electronic games,televisions, set-top boxes, cameras (e.g., digital cameras), and/or anavigation system or device (e.g., global position satellite (GPS)system.

An illustrative, non-limiting advantage of example system 300 is that itcan provide an enhanced end user experience with a direct, clearmechanism and thus can encourage use of the femto AP 130, and can avoidtime spent on edition of white list(s) through a networked interface(e.g., interface component 210) like an online interface which can taketime for the end user to have access to the Internet, and to log on in asecured interface.

In another aspect, if the request for access by the communicationdevice(s) 310 is rejected by the access management component 235 or thecommunication device 310 indicates that the communication device 310desires to opt out of accessing the femto AP 130, or if the accessmanagement component 235 determines that there is no available slot inthe femto AP 130 (and associated white list(s) 220), the accessmanagement component 235 can deny access of the femto AP 130 to thecommunication device 310. In still another aspect, when access isdenied, the communication device 310 can be placed on a black list(s)222 associated with the femto AP 130, on a permanent (or semi-permanent)or temporary basis, for example, by the access management component 235,where the black list(s) 222 can be stored in data storage 245. Forinstance, if the access management component 235 receives a message fromthe communication device 310 that indicates the communication device 310desires to permanently (or semi-permanently) opt out of coverage by thefemto AP 130 and/or if the access management component 235 determinesthat the communication device 310 is not to be granted access tocoverage by the femto AP 130 on a permanent basis based at least in parton predefined access criteria, the access management component 235 canfacilitate updating the black list(s) 222, and storing the black list(s)222 in data storage 245, to include information related to thecommunication device 310, where the communication device 310 can belisted in the black list(s) 222 on a permanent (or semi-permanent)basis.

In yet another aspect, if the communication device 310 communicates amessage to the femto AP 130 that indicates that the communication device310 is opting out of coverage by the femto AP 130 at this time, but noton a permanent basis, or if access to the femto AP 130 is denied by theaccess management component 235 (e.g., due to no available slot on thewhite list(s)), the black list(s) 222 can be updated to includeinformation related to the communication device 310 on the black list(s)222 on a temporary basis, for example, by the access managementcomponent 235, where the black list(s) 222 can be stored in data storage245. In an aspect, a communication device 310 on the black list(s) 222on a temporary basis can remain on the black list(s) 222 until apredefined black-list condition(s) is met. The predefined black-listconditions can comprise, for example, the communication device 310temporarily remains on the black list(s) 222 for a predetermined amountof time, the communication device 310 temporarily remains on the blacklist(s) 222 until the communication device 310 leaves the coverage areaof the femto AP 130, and/or the communication device 310 temporarilyremains on the black list(s) 222 until the communication device 310 ispowered down (e.g., turned off, battery discharged, or re-booted, asdesired. Once a black-list condition is met, the access managementcomponent 235 can facilitate updating the black list(s) 222 to deleteinformation related to the communication device 310 from the blacklist(s) 222, and the updated black list(s) 222 can be stored in datastorage 245.

While on the black list(s) 222 (temporarily or permanently (orsemi-permanently)), the communication device 310 is not eligible foraccess to or to attempt access to the femto AP 130. Employing blacklist(s) 222 can facilitate reducing signaling (e.g., unnecessarysignaling) between communication devices and the femto AP 130, as itwill be unnecessary for signaling by the femto AP 130 to a black-listedcommunication device with regard to the black-listed communicationdevice accessing the femto AP 130; can facilitate reduced powerconsumption by the femto AP 130 and/or the black-listed communicationdevice due in part to the reduced signaling; and can facilitate moreefficient communication between the femto AP 130 and communicationdevices 310 in the coverage area of the femto AP 130, since unnecessarysignaling can be reduced.

It is to be appreciated that a request for access can be effected by thefemto AP 130 automatically, through an access management component(e.g., access management component 225), for example. Also,substantially any wireless communication device 310 within coverage areaof femto AP 130 (e.g., area 125) can request access without interventionby a subscriber that operates femto AP 130, and who has previouslyentered a set of subscriber station numbers (e.g., MSISDNs), codes ortokens, via a networked interface (e.g., interface component 210).Alternatively, or in addition, a request for access can be prompted by adevice utilized by a subscriber that operates the femto AP. Once arequest is granted, a secure tunnel can be established from thedevice/client through the femtocell's IP connection or the default ofthe Radio Access Network if the IP connection is not available. Securelayers including utilizing the femtocell's VPN and/or USSD would ensurethat the transaction is in fact secure.

As a non-limiting example, a temporary visitor or employee (e.g., ababysitter) who is coming over to a location served by a femto accesspoint (e.g., femto AP 130) for a limited period of time, can be providedwith coverage via the femto AP by a subscriber that operates thefemtocell so the employee can perform, at least in part, his/her workactivities (e.g., provide updates on behavior of children) throughutilization of the femto access point. In case the subscriber fails toknow identifier numbers, codes or tokens for devices the employee canutilize, and the subscriber is not interested in going through theprocess of requesting and entering the numbers, codes or tokens via anetworked interface to allow coverage for the limited period of timethat the employee performs work, the employee (e.g., babysitter) canconvey a request (e.g., query 815) to the femto AP to facilitateallowing the employee to request femto access directly from theemployee's communication device when in range of the femto AP.

FIG. 4 depicts a block diagram of an example access management component235 that can facilitate management of an access control list(s) andaccess of subscribers and subscriber stations to a femtocell inaccordance with an aspect of the disclosed subject matter. Asillustrated, access management component 235 can include memorycomponent 402, processor component 404, user receiver component 406,femto receiver component 408, network receiver component 410, slotcomponent 412, status component 414, and timer component 416. A briefdescription of each component is provided below.

In an aspect, memory component 402 stores various data objects and/orfiles utilized by access management component 235 to facilitateadding/removing communication devices to/from an access control list(s).For instance, memory component 402 can store an algorithm for modeling adesired access criteria for providing femto cell coverage. In anembodiment, because such an algorithm can model a first criteria foradding devices to an access control list(s) and a second criteria forremoving devices from an access control list(s), memory component 402can be configured to store these models separately. Similarly, becausean algorithm can model criteria for adding/removing devices to/from awhite list(s) different than adding/removing devices to/from a blacklist(s), memory component 402 can also be configured to store thesemodels separately.

In another aspect, access management component 235 can compriseprocessor component 404 for executing a stored access criteria algorithmso as to manage a white list(s) 220 (e.g., an access control list(s))and/or a black list(s) 222 associated with femto AP 130. The processorcomponent 402 can utilize any of a plurality of types of data to executethe access criteria algorithm. For instance, such data can include dataassociated with a communication device(s) (e.g., 310) that is or hasbeen within the coverage area of the femto AP 130. Other data caninclude diagnostic data associated with the usage or status of the femtocell coverage and/or macro network. The received data can then beutilized to generate, configure, and/or update a white list(s) 220and/or black list(s) 222 together with data already contained in a whitelist(s) and/or black list(s), the access criteria, and/or otherinformation.

In another aspect, access management component 235 can include a userreceiver component 406. Within such embodiment, user receiver component406 can be utilized to receive any of a plurality of types of data froma device attempting to obtain femto cell coverage. For instance, in oneembodiment, user receiver component 406 can be configured to scan afrequency spectrum in which communication devices can occupy andcommunicate to facilitate detecting communication devices 310 that enterthe cell coverage area (e.g., area 125) of the femto AP 130. Within suchembodiment, user receiver component 406 can be further configured tofacilitate identifying a particular communication device 310 based atleast in part on detected or received data from the particularcommunication device 310. Such data can include any of a plurality oftypes of data including a security key (e.g., a password, MSISDN, etc.),service type (e.g., voice, data, etc.), and/or type of service provider.

In another aspect, access management component 235 can further includefemto receiver component 408 and/or network receiver component 410.Within such embodiment, femto receiver component 408 and networkreceiver component 410 can be utilized to receive the aforementioneddiagnostic data associated with the usage or status of the femto cellcoverage area and macro network, respectively. Such data can include anyof a plurality of types of diagnostic data including bandwidth usage ofall devices within the femto coverage area and/or available bandwidth inthe macro network.

In still another aspect, the access management component 235 can includea slot component 412 that can facilitate managing slots associated withthe femto AP 130 (e.g., slot(s) in the white list(s) 220 and/orcorrespondingly in the femto AP 130) and determining availability of aslot associated with a femto AP 130 when a communication device desiresto access the femto AP 130 and services associated therewith.

Access management component 235 can also include a status component 414that can facilitate determining whether a communication device 310 is tobe stored in a white list(s) 220 or black list(s) 222 on a temporarybasis or a permanent basis. The status component 414 also can facilitatemonitoring or tracking the status of a communication device 310 that isaccessing the femto AP 130 and/or associated services, and/or canmonitor other components associated with the access management component235 or femto AP 130. For example, the status component 414 can monitorwhether a communication device 310, which is temporarily on the whitelist(s) 220, is still active in the cell coverage area of the femto AP130. If the communication device 310 is no longer active in the cellcoverage area (e.g., communication device 310 has left the cell coveragearea, communication device 310 is turned off, . . . ), the statuscomponent 414 can determine that the communication device 310 is to beremoved from the white list(s) 220, and the configuration component 402can update the white list(s) 220 to delete information related to thecommunication device 310 from the white list(s) 220.

In yet another aspect, the access management component 235 can contain atimer component 416 that can be utilized to facilitate tracking the timethat a particular communication device 310 has been on a white list(s)220 or a black list(s) 222 associated with the femto AP 130. The timercomponent 416 can comprise a desired number of timers that can beemployed with regard to respective communication devices 310 in the cellcoverage area and temporarily on a white list(s) 220 or black list(s)222 to facilitate tracking the respective amounts of time that each ofthose communication devices 310 have been listed in the respective whitelist(s) 220 or black list(s) 222, and/or have been accessing the femtoAP 130 and/or an associated subset of services (e.g., for communicationdevice(s) 310 temporarily on the white list(s) 220).

In view of the example systems described herein, example methodologiesthat can be implemented in accordance with the disclosed subject mattercan be better appreciated with reference to flowcharts in FIGS. 5-9. Forpurposes of simplicity of explanation, example methodologies disclosedherein are presented and described as a series of acts; however, it isto be understood and appreciated that the claimed subject matter is notlimited by the order of acts, as some acts may occur in different ordersand/or concurrently with other acts from that shown and describedherein. For example, a methodology disclosed herein could alternativelybe represented as a series of interrelated states or events, such as ina state diagram. Moreover, interaction diagram(s) may representmethodologies in accordance with the disclosed subject matter whendisparate entities enact disparate portions of the methodologies.Furthermore, not all illustrated acts may be required to implement amethodology in accordance with the subject specification. It should befurther appreciated that the methodologies disclosed throughout thesubject specification are capable of being stored on an article ofmanufacture to facilitate transporting and transferring suchmethodologies to computers for execution by a processor or for storagein a memory.

FIG. 5 presents a flowchart of an example methodology 500 for managingaccess of subscribers and subscriber stations to cell (e.g., femtocell)coverage in accordance with an aspect of the disclosed subject matter.At 510, a white list(s) (e.g., access control list(s)) associated with afemtocell can be configured. In an aspect, configuration of the whitelist(s) (e.g., 220) can be performed via a networked interface,interactively or automatically based at least in part on operationconditions of the femtocell. The configuration of the white list(s) canrelate to, for example, initial provisioning of the femtocell, capturingof wireless communication devices (e.g., 310), responding to request foraccess by a communication device, updating extant access control lists,and so forth. At 520, access to cell (e.g., femtocell) coverage can begranted at least in part according to the configured white list(s). Inanother aspect, the configured white list(s) can possess an associatedprofile that can facilitate controlling logic for utilization of thewhite list(s), via a set of parameters that can determine conditions ofaccess to the femto AP 130 and associated subset of services, type ofaccess to the femto AP 130 and associated subset of services, subset ofservices available to a particular communication device or associateduser of communication device, etc.

FIG. 6 illustrates a flowchart of an exemplary methodology 600 forfacilitating management of access to femto cell coverage in accordancewith an aspect of the disclosed subject matter. At 610, process 600begins with an access control list being stored in a memory component.In an embodiment, the stored access control list can include a list ofdevices that are permanently/temporarily granted access (i.e., deviceson a white list) and/or a list of devices that arepermanently/temporarily denied access (i.e., devices on a black list).Within such embodiment, it should be appreciated that the listing of acommunication device (i.e., white list or black list) and temporalstatus of such a listing (i.e., permanent or temporary) can dynamicallyvary depending on the status of the access criteria at a given time. Itshould be further appreciated that a plurality of access control listscan be generated so as to separately list any combination of temporaryand/or permanently listed communication devices on a white list and/orblack list. For instance, in one aspect, communication devices havingtemporary access (e.g., visitors to an office) can be listed on a firstlist so as to segregate these devices from devices having permanentaccess (e.g., an owner of the femto cell system) on a second list.

Next, at act 620, a communication device is added to the access controllist according to a first set of criteria, and subsequently removedautomatically at act 630 according to a second set of criteria. Here,each of the first and second criteria can be utilized to configure anaccess management component to add/remove communication devices to/froman access control list according to any of a plurality of factors. In anembodiment, such an algorithm can, for example, include linking eitherof the first or second criteria to a timing component.

Several non-limiting embodiments in which a timer component is utilizedto add/remove devices from an access control list can be contemplated.In one embodiment, for instance, it may be desirable to temporarily adda device to the list and simply remove the device after a predeterminedamount of time has elapsed (e.g., hotel guests). Such an embodiment canthus include a “removal criteria” that removes the device from the listaccording to data received from the timer component.

In another embodiment, however, it can be desirable to also link the“add criteria” to a timer component. For instance, parents may wish toprovide cyclical access to femto coverage to their kids in the form of adaily curfew. Within such embodiment, the parents can, for example,configure the “add criteria” so that devices are only added duringnon-curfew hours.

For some embodiments, it should be appreciated that the add/removecriteria can further require receiving data from any of a plurality ofother sources. For instance, as illustrated in FIG. 7, access criteria702 can dictate that access management component 235 add/remove devicesto/from an access control list according to data related to anycombination of user characteristics 704, femto coverage characteristics704, and/or network characteristics 706.

In one aspect, user characteristics 704 includes data specific to thecommunication device attempting to obtain temporary access to femtocoverage. For instance, in one embodiment, access criteria 702 can allowa device to be temporarily added to the access control list if a correctpassword is received via user characteristics 704. In anotherembodiment, access criteria 702 can further/instead require that usercharacteristics 704 include device-specific data definitivelyidentifying a particular device (e.g., an MSISDN, code or token, and/orother information). Also, because costs associated with providing femtocoverage can vary depending on the particular service carrier of thedevice, access criteria 702 can further/instead require that usercharacteristics 704 includes confirmation that the device is linked to adesired service carrier. Similarly, because of costs, access criteria702 can further/instead limit access to a particular type of service(e.g., granting voice access, but denying data access to a babysitter).

Access criteria 702 can further depend on data related to femto coveragecharacteristics 704 and network characteristics 706. Here, it should beappreciated that data related to femto characteristics 704 can includeany diagnostic data related to the status and/or available resources ofthe femto coverage. Similarly, network characteristics 706 can includeany diagnostic data related to the status and/or available resources ofthe macro network linked to the femto coverage (e.g., a wired broadbandnetwork). Such data can, for example, include total available bandwidth(either within the femto coverage or within the macro network), whereinaccess criteria 702 can add devices only if the available bandwidth isbelow a predetermined threshold and/or remove devices if the availablebandwidth exceeds another predetermined threshold.

FIG. 8 illustrates a flowchart of an exemplary methodology 800 foradding and automatically removing devices to/from a white list inaccordance with an aspect of the disclosed subject matter. At act 802,the process begins with an access management component receiving dataindicating that a particular device is within the cell coverage area ofa femto access point. Such data can be received by, for example,monitoring a frequency spectrum in which communication devices canoccupy so as to detect communication devices that enter the femto cellcoverage area (e.g., area 125) of a femto AP.

Once a communication device is detected, process 800 proceeds to act 804where the access management component determines whether “permanent”access should be granted to the device. Here, it should be appreciatedthat such permanent access can be granted either because the device isalready listed as having permanent access or because the device iseligible to be listed as having permanent access. For instance, in oneembodiment, the access management component can receive identificationdata from the communication device and compare this data to devicesalready listed on the white list. In another embodiment, although adevice is not currently listed, the access management component can beconfigured to receive particular data from the device/user (e.g., apassword) that causes the device to be permanently listed on the whitelist. If permanently listed on the white list, the device is grantedaccess at act 805, otherwise process 800 proceeds to act 806.

At act 806, a determination is made as to whether to grant temporaryaccess to the device. Here, the determination is made as a function ofaccess criteria 702, which can depend on any of a plurality of factorsincluding any combination of the aforementioned factors discussed above.For instance, a hotel guest can be given a temporary access key toobtain femto cell coverage. Within such scenario, access criteria 702can cause the access key to expire after the hotel guest has checkedout. In a similar scenario, attendees of a conference can be granted atemporary access key that can expire once the conference has ended. Ifit is determined that temporary access should not be granted because thecriteria for “adding” a device to the white list has not been met,access is denied at act 807. Otherwise, process 800 proceeds to act 808where the device is added to the white list and subsequently grantedtemporary access at act 810.

At act 812, a determination is then made as to whether the temporarilyadded device should be removed from the white list. Here, thedetermination is again made as a function of access criteria 702, whichcan also depend on any of a plurality of factors including anycombination of the aforementioned factors discussed above. For instance,bandwidth limitations either in the femto cell coverage and/or macronetwork can cause a “removal” criteria to be met. If the removalcriteria is indeed met, the device is removed from the access controllist at act 813 and access to femto cell coverage is subsequently deniedat act 807. Otherwise, process 800 loops back to act 810 where thedevice continues to receive temporary access.

FIG. 9 depicts a flowchart of an example methodology 900 that cantemporarily store information related to a subscriber station andassociated subscriber in a white list(s) (e.g., access control list(s))to facilitate managing access of subscribers and subscriber stations(e.g., communication devices 310) to femtocell coverage in accordancewith an aspect of the disclosed subject matter. Methodology 900 beginsat 902 where a white list(s) can be updated to include informationrelated to the communication device and/or associated user. In anaspect, the access management component 235 can facilitate updating thewhite list(s) 220 to store information (e.g., identificationinformation, account information, communication device information, userinformation, etc.) related to the communication device and/or associateduser in the white list(s) 222, which can be stored in data storage 245.

At 904, the communication device can be granted access to a subset ofservices associated with the femto AP 130. In an aspect, the accessmanagement component 235 can facilitate granting access to a subset ofservices associated with the femto AP 130 to the communication devicebased at least in part on the white list(s) 220, the user of thecommunication device, the type of communication device, availablebandwidth of the femto AP 130, and/or other desired access criteria. Forexample, an owner or operator of the femto AP 130 can desire to limitaccess of a communication device of the owner/operator's child to aspecified subset of services that is suitable for children. The user ofthe communication device can utilize the subset of services associatedwith the femto AP 130 to which access has been granted.

At 906, a timer can be started. In an aspect, the access managementcomponent 235 can employ a timer component 412 that can employ atimer(s) that can be utilized to facilitate tracking the amount of timethat the communication device has been stored in the white list(s) 220and/or accessing the subset of services. At 908, a determination can bemade regarding whether additional time is to be granted to thecommunication device to access the subset of services and to remain onthe white list(s). In an aspect, the access management component 235 canfacilitate communicating a message to the communication device toinquire whether the user of the communication device desires additionaltime for the communication device to access the subset of services (andremain on the white list(s) 220). The access management component 235can determine whether to grant the communication device additional timeto access the subset of services (and remain on the white list(s) 220)based at least in part on the response to the inquiry received from thecommunication device and/or other desired access criteria.

If, at 908, it is determined that additional time is granted to enableaccess the subset of services by the communication device (and for thecommunication device to remain on the white list(s) 220), methodology900 can return to reference numeral 906, where the timer (e.g., of timercomponent 412) can be started (e.g., re-started), and methodology 900can proceed from that point. In an aspect, the amount of additional timegranted to the communication device can be the same or different as theinitial amount of time granted to the communication device, as desired.

If, at 908, it is determined that additional time is not granted to thecommunication device with regard to accessing the subset of services(and remaining on the white list(s) 220), at 910, time related togranting of access to the communication device (and storing informationrelated to the communication device and associated user on the whitelist(s) 220) can expire. In an aspect, the access management component235 can receive an indication from the timer component 412 that theamount of time granted to the communication device to access the subsetof services associated with the femto AP 130 and to be stored on thewhite list(s) 220 associated with the femto AP 130 has expired.

At 912, access to the subset of services by the communication device canbe terminated. In an aspect, the access management component 235 canfacilitate terminating access to the subset of services associated withthe femto AP 130 by the communication device. At this point, thecommunication device will no longer be able to utilize the subset ofservices. At 914, information related to the communication device andassociated user can be deleted from the white list(s). In an aspect, theaccess management component 235 can facilitate deleting informationrelated to the communication device and its user from the white list(s)220. In another aspect, when information related to the communicationdevice 310 is stored in a white list(s) 220 on a temporary basis, theaccess management component 235 can facilitate deleting informationrelated to the communication device 310 from the white list(s) 220 whenanother specified condition is met, where the specified condition cancomprise, for example, the communication device 310 leaves the cellcoverage area of the femto AP 130, the communication device is powereddown or re-booted, and/or the communication device 310 is otherwise notdetected to be in the cell coverage area of the femto AP 130.Maintenance of the white list(s) 220 to remove information related tocommunication devices that are temporarily stored on the white list(s)220 can facilitate efficient communication between the femto AP 130 andcommunication devices in the cell coverage area.

FIG. 10 is a block diagram of an example system 1000 that can facilitatesharing white list(s) (e.g., access control list(s)) and/or blacklist(s) among subscribers of a wireless network service in order toprovide straightforward access configuration to, and activation of, afemtocell (e.g., femto AP 130) among femtocell subscribers. Subscriberscan belong to disparate or same service accounts with either a macroservice provider or femto provider, or both. For example, subscribersthat share white list(s) 1020 and/or black list(s) 1022 can pertain to agroup or family associated with a single service account. In examplesystem 1000, subscriber A 1010 who belongs to account K can convey whitelist(s) 1020 and/or black list(s) 1022 over network 1030, via a wired orwireless link 1025, to subscriber B 1030 who belongs to account J.Subscriber A 1010 can hide or eliminate specific subscriber stationnumbers from white list(s) 1020 and/or black list(s) 1022 he/she/itgrants to other subscribers. It should be appreciated that the grantingof subscriber station numbers, codes or tokens can substantially reducethe amount of time to configure, or set up a white list(s) 1020 and/orblack list(s) 1022, as opposed to manually re-entering multiple numbers,codes, or tokens (e.g., up to 50 numbers, codes or tokens) acrossmultiple femtocells.

A security component 1040, or authorization layer, can facilitateensuring that unauthorized mobile subscriber numbers, codes or tokens,respectively associated with communication devices (e.g., 310) are notprovided when not approved by end users. Such approval can be determinedvia a specified privacy policy associated with the end user, orsubscriber, which can be stored in a subscriber database 1050; thespecified privacy policy can be configured/updated through variousmeans, such as, for example, web-based interfaces, call center,text-message center, etc. Security component 1040 can ensure privacyintegrity when white list(s) 1020 and/or black list(s) 1022 are sharedamong subscribers of different accounts (e.g., J≠K). In an illustrativeaspect, security component 1040 can solicit subscribers outside a“white-list share” (or “black-list share”) originating account to grantthe authority for their subscriber station identifier number, code ortoken to be shared through white list(s) 1020 (or black list(s) 1022).To the latter end, security component 1040 can resort to variousmechanisms that can include, but are not limited to including, a shortmessage service (SMS) communication, a multimedia message service (MMS)communication, email, voice mail, web pop up, etc. Alternatively, or inaddition, security component 1040 can mitigate security mechanism(s)complexity through validation via subscriber account information (e.g.,stored in subscriber database 1050) in order to grant automatic accessto a white list(s) 1020 and/or black list(s) 1022 within groups orfamilies underneath a single service account, without additionalsecurity verification.

FIG. 11 is a block diagram of an example system 1100 that can facilitatemanagement of a white list(s) (e.g., an access control list(s)) and ablack list(s) associated with a femtocell (e.g., femto AP 130) inaccordance with an aspect of the disclosed subject matter. System 1100can comprise a white list management component 1110 that can access asubscriber database 1120 which can be maintained by a service operatorfor femto and macro cells, and a data storage 1130 that retains a set ofwhite lists 1140 associated with serviced subscribers, to associatewhite-listed subscribers across disparate white lists. Such associationcan lead to genesis of white-lists trees. In an aspect, the white listmanagement component 1110 can implement mechanisms to facilitatemitigating exponential data growth and efficient storage of white-listtrees like data-compression (e.g., wavelet, efficient treerepresentation, and so on), distributed data warehouses, and so forth.

In another aspect, system 1100 can comprise a black list managementcomponent 1115 can access a subscriber database 1120 which can bemaintained by a service operator for femto and macro cells, and a datastorage 1130 that can retain a set of black lists 1145 associated withserviced subscribers, to associate black-listed subscribers acrossdisparate black lists. Such association can lead to genesis ofblack-lists trees. In an aspect, the black list management component1115 can implement mechanisms to facilitate mitigating exponential datagrowth and efficient storage of black-list trees like data-compression(e.g., wavelet, efficient tree representation, and so on), distributeddata warehouses, etc.

In still another aspect, the white list management component 1110 candeploy a white-list tree in accordance to the following illustrative,non-limiting scenario. (i) User 1 adds User 2 to his/her white list(e.g., 1140). (ii) User 2 adds User 3 to his/her white list (e.g.,1140). (iii) User 1 and User 3 can be associated through the respectivewhite lists. (iv) User 1 and User 3 can match User 4 extant on eachother's white lists. (v) User 1 and User 3 can associate User 5 that ison User 4's white list. White list management component 1110 can effectassociations and manage generated white-list tree(s). It should beappreciated that substantially any association, hierarchical ornon-hierarchical, or deployment of white lists 1140 can be implementedby the white list management component 1110 through information storedin subscriber database 1120 and data storage 1030. It is to beappreciated and understood that the black list management component 1115similarly can deploy a black-list tree in accordance with the aboveillustrative, non-limiting scenario.

An illustrative, non-limiting, advantage of structured, hierarchicalgeneration of white lists to subscribers (e.g., subscriber A 1010) isthat more subscribers can have access to femtocells (e.g., femto APs130) to gain coverage enhancement, or have access to added value throughunlimited usage on any femtocell or unique services available via a setof femtocells.

In addition, example system 1100 can track subscriber station identifiernumbers (e.g., MSISDNs), codes or tokens, associated with white list(s)on record with a femto service provider. White list management component1110 can validate white list(s) 1140, stored in data storage 1130,against current accounts and associated subscriber station identifiernumbers (e.g., MSISDNs), codes, or tokens, for a service provider. Inparticular, when a subscriber, or end user, cancels an account with aservice provider, white list(s) 1140 can be updated according toinformation retrieved from subscriber database 1120, or substantiallyany other database available to a service provider that containsinformation on service subscribers. In addition, when an end userchanges their mobile or subscriber station number, code or token, (e.g.,after relocation to a new area code, or the like) substantially allwhite list(s) 1140 that the mobile or subscriber station number, code ortoken is associated with can automatically be updated by the white listmanagement component 1110.

An illustrative advantage of such automatic update of white list(s) 1140is ease of use for end users to maintain current white list(s) 1140without a need to keep track of each subscriber station number, code ortoken associated with the white list(s) 1140. In addition, updated whitelist(s) 1140 can maintain the value proposition of the femtocells forend users and service operator by a seamless move of traffic off of themacro network (e.g., a WAN) to femto network(s).

In accordance with an embodiment, the white list management component1110 can facilitate distinguishing between communication devices (andassociated users) that are temporarily on a white list 1140 of asubscriber as compared to communication devices (and associated users)that are permanently on the white list 1140 of the subscriber when awhite list 1140, or subset thereof, of one subscriber is added to awhite list 1140 of another subscriber. For instance, the white listmanagement component 1110 can facilitate selecting or associatingsubscribers that are permanently on a white list 1140 of one subscriber,but not selecting or associating subscribers that are temporarily on thewhite list 1140 of the one subscriber, and adding a subset of the whitelist of the one subscriber (e.g., the selected or associated subscribersthat are permanently on the white list) to the white list 1140 of theother subscriber. It is to be appreciated and understood that the blacklist management component 1115 similarly can select a desired subset ofsubscribers on one black list 1145 of one subscriber (e.g., selectingsubscribers that are permanently on a black list of the one subscriber,but not subscribers that are temporarily on the black list of the onesubscriber) and adding the subset of subscribers to the black list 1145of another subscriber when in accordance with the embodiment.

FIG. 12 is a block diagram of an example system 1200 that can facilitateaddition of subscriber(s)/subscriber station(s) to one or more whitelists associated with a femtocell (e.g., femto AP 130) in accordancewith an aspect of the disclosed subject matter. In example system 1200,a network management component 1210 can include a white list managementcomponent 1210 which can be coupled to a subscriber database 1225, adata storage 1235, and a communication platform 1215. The white listmanagement component 1210 can data-mine subscriber database 1225 andwhite list(s) 1245, which can reside in data storage 1235, to driveaddition of new subscribers to a white list to request reciprocaladding. In an aspect, once a subscriber 1260 in account K is identifiedfor reciprocal addition at a time the subscriber 1260 configures his/herfemto AP (e.g., 130), a white list (WL) configuration request 1255 canbe conveyed (e.g., via a wired or wireless link through communicationplatform 1215) to the subscriber. Such configuration request canindicate that a disparate subscriber has subscriber 1260 white-listedand can prompt subscriber 1260 to include in his/her white list thedisparate subscriber.

An illustrative scenario is the following: User 1 adds User 2 to his/herwhite list. Once User 2 configures/activates his/her femtocell, a setupprocess (e.g., implemented through a web-based online GUI) can promptUser 2 to add User 1. It is to be noted that the white list managementcomponent 1210 can exploit information in subscriber database 1225 anddata storage 1235 to inform User 2 of substantially all subscriberstation numbers, codes or tokens that he/she can automatically add tohis/her white list on a reciprocity basis; namely, User 2 can beprompted to add in the white list(s) of User 2 those subscribers thathave previously added him/her to their white list(s). In an aspect, thewhite list configuration request 1255 can be effected through one ormore of various interfaces, such as an online GUI; a real timeprompt/alert delivered via SMS, MMS, email, instant message; etc.

FIG. 13 is a block diagram of an example system 1300 that can manage adefined logic relating to maintaining content(s) (e.g., MSISDNs) in awhite list(s) (e.g., access control list(s)) on a white list databaseand a black list(s) in a black list database in accordance with anaspect of the disclosed subject matter. In an aspect, the accessmanagement component 235, which can comprise a white list managementcomponent 1310, can develop a white list profile(s) 1320 that can applylogic and parameters that can facilitate controlling, or managing,content, such as subscriber station numbers (e.g., MSISDNs), codes ortokens, in a white list(s) 1330. White list profile(s) 1320 and whitelist(s) 1330 can be stored in data storage 245; it should be appreciatedthat while data storage 245 is illustrated to reside within femto AP130, such storage can reside in a network management component (e.g.,component 1210).

In another aspect, white list profile parameters that can facilitatecontrolling utilization logic of white list(s) content can include,without being limited to including: (i) temporary access, e.g., fullaccess for a specific time interval, such as a specified number of days,hours, or minutes; (ii) access only within a window of time in a day(e.g., voice and data allowed from 9:00 a.m.-6:00 p.m., or voice allowedafter 9:00 p.m.) which can facilitate billing schemes alreadyestablished by an operator/service provider); and/or (iii) access tospecific applications, such as scheduler, calendar(s), news streaming,authoring tools, gaming, video and music, etc.

In still another aspect, logic within white list profile(s) canimplement parameters to determine how long access to femto coverage isgranted. For instance, when a timer associated with temporary access ofa subscriber station (e.g., communication device) expires, a query 1345can be conveyed (e.g., through a wired or wireless link 1335) to eithera subscriber that operates a device associated with the managed MSISDNin order to request renewed access, or to a subscriber that operatesfemto AP 130. The message request, e.g., query 1345, can ask the ownerif an extension of time is to be granted or not. When a request is notgranted by a subscriber that operates femto AP 130 or there is no reply,e.g., acknowledgement 1345, from the subscriber, access to femtocoverage can expire and information, such as the MSISDN (orsubstantially any identifier code or token), associated with thesubscriber station can be deleted from a corresponding white list(s)within data storage 245. Conversely, a positive response, e.g.,acknowledgement 1345, can allow access to continue for the subscriberstation based at least in part on parameters extant in white listprofile(s) or newly defined parameters. It is to be noted that query1345 can be conveyed via an online GUI, an email message, a SMS message,MMS message, a voice mail, a web prompt, and the like.

In yet another aspect, the access management component 235 can comprisea black list management component 1312 and can develop a black listprofile(s) 1322 that can apply logic and parameters that can facilitatecontrolling, or managing, content, such as subscriber station numbers(e.g., MSISDNs), codes or tokens, in a black list(s) 1332. The blacklist profile(s) 1322 and black list(s) 1332 can be stored in datastorage 245.

In an aspect, black list profile parameters that can facilitatecontrolling utilization logic of block list(s) content can include,without being limited to including: temporary denial of access of thefemto AP by the subscriber station until a black-list condition(s) ismet, where the black-list condition(s) can comprise information relatedto the subscriber station (e.g., 310) temporarily remains on the blacklist(s) 1332 for a predetermined amount of time, information related tothe subscriber station temporarily remains on the black list(s) 1332until the subscriber station 310 leaves the coverage area of the femtoAP, and/or information related to the subscriber station temporarilyremains on the black list(s) 1332 until the subscriber station ispowered down (e.g., turned off, battery discharged, . . . ) orre-booted; and/or permanent (or semi-permanent) denial of access of thefemto AP by the subscriber station. When a black-list condition(s) ismet, denial of access to femto coverage can expire and information, suchas the MSISDN (or substantially any identifier code or token),associated with the subscriber station can be deleted from acorresponding black list(s) within data storage 245.

FIG. 14 is a block diagram of an example system 1400 that can initializea white list(s) (e.g., access control list(s)) to femto coverage for asubscriber station with available subscriber station identifier numbers,codes or tokens available on a service account in accordance with anaspect of the disclosed subject matter. In example system 1400, asubscriber 1410 who can utilize account device(s) 1415, can provisionfemto AP 130 and associate the account device(s) 1415 with a serviceaccount via a networked interface component 210 (e.g., an online accountmanagement system) which can look up into substantially all subscriberstation(s) identifier numbers (e.g., MSISDNs), codes or tokensassociated with the service account, and can automatically populatewhite list(s) 220 with the extracted subscriber station(s) numbers,codes or tokens. Subscriber 1410, via interface component 210, canremove or add subscriber station(s) numbers (e.g., MSISDNs), codes ortokens extant in a pre-populated white list(s) 220; additional edits canbe performed as well, based at least in part on the complexity of whitelist(s) 220. In an aspect, to pre-set white list(s) 220, the networkedinterface component 210 can access information stored in subscriberdatabase 260 through network 230, which can include informationtechnology systems of a service provider. White list(s) 220 can beconveyed through network 230 to femto AP 130; a communication platform255 can receive white list(s) 220 and access management component 235can store the white list(s) 220 in data storage 245.

Illustrative advantages provided by example system 1400 can include (a)reduced femtocell provisioning lead time, and (b) immediate utilizationof a femtocell with mobile numbers that belong to a same serviceaccount, whether subscribers of such numbers subscribe to the femtocellor a feature application, or code, that delivers a femtocell service.

FIG. 15 is a block diagram of an example system 1500 that can facilitatemanagement of access of a femto AP by a communication device on arequest from the communication device in accordance with an aspect ofthe disclosed subject matter. In example system 1500, communicationdevice(s) 1510 (e.g., subscriber station(s), such as a mobile phone) canconvey a request or query 1515 to facilitate accessing coverage of femtoAP 130. The query 1515 can be conveyed via an online GUI, an emailmessage, a SMS message, MMS message, a voice mail, a web prompt, USSD(or * and # codes), and the like. Such request 1515 can be received bycommunication platform 255, and access management component 235 can beconfigured to allow or reject the request; allowance or rejection of arequest can be based at least in part on various metrics, such assecurity, type of communication device, profile of subscriber thatoperates/operated the communication device 1510 that requests access,etc. Upon allowance of a request, the access management component 235can query for available slots to be filled in white list(s) 220associated with accounts served by femto AP 130, and when space isavailable for a subscriber station identifier number (e.g., MSISDN),code or token, the query can further probe whether access is allowed ona permanent or temporary basis (e.g., to reduce risk exposure tosecurity problems, maintain available space on white list(s) 220 forother communication devices 1510, etc.). Characteristics of femtocoverage allowance can be set or pre-set through the access managementcomponent 225. Subsequent to allowance and examination of informationrelated to relevant white list(s) 220, access management component 235can update white list(s) 220, stored in data storage 245, to reflect theapproved request for femto coverage by the femto AP 130. It is to benoted that access and update of collected subscriber identifier numbers(e.g., MSISDN), codes or token, can also be effected throughnetwork-based white list database(s). Information (e.g., wireless devicenumbers, codes or tokens (e.g., MSISDNs); subscriber's active numbers,codes or tokens; and numbers, codes or tokens on service accounts ingood standing, . . . ) related to communication devices 310 can beprovided through networked access to a subscriber database 260.

An illustrative, non-limiting advantage of example system 1500 is thatit can provide an enhanced end user experience with a direct, clearmechanism and thus can encourage use of the femto AP 130, and can avoidtime spent on edition of white list(s) through a networked interface(e.g., interface component 210) like an online interface which can taketime for the end user to have access to the Internet, and to log on in asecured interface.

In another aspect, if the request 1515 is rejected by the accessmanagement component 235, or if there is no available slot in the whitelist(s) 220 and associated femto AP 130, the access management component235 can deny access of the femto AP 130 to the communication device1510. The communication device 1510 also can be placed on a blacklist(s) 222 associated with the femto AP 130, and stored in data storage245, on a permanent (or semi-permanent) or temporary basis, for example,by the access management component 235. For instance, if the accessmanagement component 235 determines that the communication device 1510is not to be granted access to coverage by the femto AP 130 on apermanent basis based at least in part on predefined access criteria,the access management component 235 can facilitate updating the blacklist(s) 222, and storing the black list(s) 222 in data storage 245, toinclude information related to the communication device 1510, where thecommunication device 1510 can be listed in the black list(s) 222 on apermanent (or semi-permanent) basis.

In yet another aspect, if access to the femto AP 130 is denied by theaccess management component 235 at this time (e.g., due to no availableslot on the white list(s)), the black list(s) 222 can be updated toinclude information related to the communication device 1510 on theblack list(s) 222 on a temporary basis, for example, by the accessmanagement component 235, where the black list(s) 222 can be stored indata storage 245. The communication device 1510 can remain on the blacklist(s) 222 until a predefined black-list condition(s) is met. Thepredefined black-list conditions can comprise, for example, thecommunication device 1510 temporarily remains on the black list(s) 222for a predetermined amount of time, the communication device 1510temporarily remains on the black list(s) 222 until the communicationdevice 1510 leaves the coverage area of the femto AP 130, and/or thecommunication device 1510 temporarily remains on the black list(s) 222until the communication device 1510 is powered down (e.g., turned off,battery discharged, . . . ) or re-booted, as desired. Once a black-listcondition is met, the access management component 235 can facilitateupdating the black list(s) 222 to delete information related to thecommunication device 1510 from the black list(s) 222, and the updatedblack list(s) 222 can be stored in data storage 245.

While on the black list(s) 222 (temporarily or permanently (orsemi-permanently)), the communication device 1510 is not eligible foraccess to or to attempt access to the femto AP 130. Employing blacklist(s) 222 can facilitate reducing signaling (e.g., unnecessarysignaling) between communication devices and the femto AP 130, as itwill be unnecessary for signaling by the femto AP 130 to a black-listedcommunication device with regard to the black-listed communicationdevice accessing the femto AP 130; can facilitate reduced powerconsumption by the femto AP 130 and/or the black-listed communicationdevice due in part to the reduced signaling; and can facilitate moreefficient communication between the femto AP 130 and communicationdevices 310 in the coverage area of the femto AP 130, since unnecessarysignaling can be reduced.

It is to be appreciated that substantially any wireless communicationdevice 1510 within coverage area of femto AP 130 (e.g., area 125) canrequest access without intervention by a subscriber that operates femtoAP 130, and who has previously entered a set of subscriber stationnumbers (e.g., MSISDNs), codes or tokens, via a networked interface(e.g., interface component 210). Once a request is granted, a securetunnel can be established from the device/client through the femtocell'sIP connection or the default of the Radio Access Network if the IPconnection is not available. Secure layers including utilizing thefemtocell's VPN and/or USSD would ensure that the transaction is in factsecure.

To provide further context for various aspects of the subjectspecification, FIG. 16 and FIG. 17 illustrate, respectively, examplemacro and femto wireless network environments that can exploit femto APsand a block diagram of an example embodiment of a femtocell access pointthat can enable and exploit features or aspects of the subjectinnovation and that utilize aspects of the subject innovation inaccordance with various aspects of the subject specification.

With respect to FIG. 16, wireless communication environment 1600includes two wireless network platforms: (i) A macro network platform1610 which serves, or facilitates communication with user equipment 1675(e.g., mobile 120 _(A)) via a macro radio access network (RAN) 1670. Itshould be appreciated that in cellular wireless technologies (e.g., 3GPPUMTS, HSPA, 3GPP LTE, 3GPP2 UMB), macro network platform 1610 isembodied in a Core Network. (ii) A femto network platform 1680, whichcan provide communication with UE 1675 through a femto RAN 1690, whichis linked to the femto network platform 1680 via backhaul pipe(s) 1685(e.g., backhaul link(s) 153). It should be appreciated that macronetwork platform 1610 typically hands off UE 1675 to femto networkplatform 1610 once UE 1675 attaches (e.g., through macro-to-femtohandover) to femto RAN 1690, which includes a set of deployed femto APs(e.g., femto AP 130) that can operate in accordance with aspectsdescribed herein.

It is noted that RAN includes base station(s), or access point(s), andits associated electronic circuitry and deployment site(s), in additionto a wireless radio link operated in accordance with the basestation(s). Accordingly, macro RAN 1670 can comprise various coveragecells like cell 105, while femto RAN 1690 can comprise multiplefemtocell access points such as femto AP 130. Deployment density infemto RAN 1690 can be substantially higher than in macro RAN 1670.

Generally, both macro and femto network platforms 1610 and 1680 includecomponents, e.g., nodes, gateways, interfaces, servers, or platforms,that facilitate both packet-switched (PS) (e.g., internet protocol (IP),frame relay, asynchronous transfer mode (ATM)) and circuit-switched (CS)traffic (e.g., voice and data) and control generation for networkedwireless communication. In an aspect of the subject innovation, macronetwork platform 1610 includes CS gateway node(s) 1612 which caninterface CS traffic received from legacy networks like telephonynetwork(s) 1040 (e.g., public switched telephone network (PSTN), orpublic land mobile network (PLMN)) or a SS7 network 1660. Circuitswitched gateway 1612 can authorize and authenticate traffic (e.g.,voice) arising from such networks. Additionally, CS gateway 1612 canaccess mobility, or roaming, data generated through SS7 network 1660;for instance, mobility data stored in a VLR, which can reside in memory1630. Moreover, CS gateway node(s) 1612 interfaces CS-based traffic andsignaling and gateway node(s) 1618. As an example, in a 3GPP UMTSnetwork, PS gateway node(s) 1618 can be embodied in gateway GPRS supportnode(s) (GGSN).

In addition to receiving and processing CS-switched traffic andsignaling, PS gateway node(s) 1618 can authorize and authenticatePS-based data sessions with served (e.g., through macro RAN) wirelessdevices. Data sessions can include traffic exchange with networksexternal to the macro network platform 1610, like wide area network(s)(WANs) 1650, enterprise networks (NW(s)) 1670 (e.g., enhanced 911), orservice NW(s) 1680 like IP multimedia subsystem (IMS); it should beappreciated that local area network(s) (LANs), which may be a part ofenterprise NW(s), can also be interfaced with macro network platform1610 through PS gateway node(s) 1618. Packet-switched gateway node(s)1618 generates packet data contexts when a data session is established.To that end, in an aspect, PS gateway node(s) 1618 can include a tunnelinterface (e.g., tunnel termination gateway (TTG) in 3GPP UMTSnetwork(s); not shown) which can facilitate packetized communicationwith disparate wireless network(s), such as Wi-Fi networks. It should befurther appreciated that the packetized communication can includemultiple flows that can be generated through server(s) 1614. It is to benoted that in 3GPP UMTS network(s), gateway node(s) 1018 (e.g., GGSN)and tunnel interface (e.g., TTG) comprise a packet data gateway (PDG).

Macro network platform 1610 also includes serving node(s) 1616 thatconvey the various packetized flows of information, or data streams,received through PS gateway node(s) 1618. As an example, in a 3GPP UMTSnetwork, serving node(s) can be embodied in serving GPRS support node(s)(SGSN).

As indicated above, server(s) 1614 in macro network platform 1610 canexecute numerous applications (e.g., location services, online gaming,wireless banking, wireless device management, . . . ) that generatemultiple disparate packetized data streams or flows, and manage (e.g.,schedule, queue, format . . . ) such flows. Such application(s), forexample can include add-on features to standard services provided bymacro network platform 1610. Data streams can be conveyed to PS gatewaynode(s) 1618 for authorization/authentication and initiation of a datasession, and to serving node(s) 1616 for communication thereafter.Server(s) 1614 can also effect security (e.g., implement one or morefirewalls) of macro network platform 1610 to ensure network's operationand data integrity in addition to authorization and authenticationprocedures that CS gateway node(s) 1612 and PS gateway node(s) 1618 canenact. Moreover, server(s) 1614 can provision services from externalnetwork(s), e.g., WAN 1650, or Global Positioning System (GPS)network(s), which can be a part of enterprise NW(s) 1680. It is to benoted that server(s) 1614 can include one or more processor configuredto confer at least in part the functionality of macro network platform1610. To that end, the one or more processor can execute codeinstructions stored in memory 1630, for example.

In example wireless environment 1600, memory 1630 stores informationrelated to operation of macro network platform 1610. Information caninclude business data associated with subscribers; market plans andstrategies, e.g., promotional campaigns, business partnerships;operational data for mobile devices served through macro networkplatform; service and privacy policies; end-user service logs for lawenforcement; and so forth. Memory 1630 can also store information fromat least one of telephony network(s) 1640, WAN 1650, SS7 network 1660,enterprise NW(s) 1670, or service NW(s) 1680.

Regarding femto network platform 1680, it includes a femto gatewaynode(s) 1684, which have substantially the same functionality as PSgateway node(s) 1618. Additionally, femto gateway node(s) 1684 can alsoinclude substantially all functionality of serving node(s) 1616.Disparate gateway node(s) 1684 can control or operate disparate sets ofdeployed femto APs, which can be a part of femto RAN 1690. In an aspectof the subject innovation, femto gateway node(s) 1684 can aggregateoperational data received from deployed femto APs. Moreover, femtogateway node(s) 1684, can convey received attachment signaling toattachment component 1620. It should be appreciated that whileattachment component is illustrated as external to gateway node(s) 1684,attachment component 1620 can be an integral part of gateway node(s)1684.

Attachment component 1620 can facilitate macro-to-femto andfemto-to-macro handover. In an aspect, NW attachment signaling 240 canbe received, processed, and conveyed to a femto AP as a part ofattachment procedure among a mobile station and the femto AP. Attachmentcomponent 1620 also can receive alarm(s) indication 314, and process, atleast in part, such indication to generate a NW response 316 like anindication to restart femto AP; a customer service notification, whichcan be accomplished through communication with enterprise network(s)1670 that provides customer service support; indication to display amalfunction indicator . . . ).

Memory 1686 can retain additional information relevant to operation ofthe various components of femto network platform 1680. For exampleoperational information that can be stored in memory 1686 can comprise,but is not limited to, subscriber intelligence; contracted services;maintenance and service records; femto cell configuration (e.g., devicesserved through femto RAN 1690; authorized subscribers associated withone or more deployed femto APs); service policies and specifications;privacy policies; add-on features; so forth.

Server(s) 1682 have substantially the same functionality as described inconnection with server(s) 1614. In an aspect, server(s) 1682 can executemultiple application(s) that provide service (e.g., voice and data) towireless devices served through femto RAN 1690. Server(s) 1682 can alsoprovide security features to femto network platform. In addition,server(s) 1682 can manage (e.g., schedule, queue, format . . . )substantially all packetized flows (e.g., IP-based, frame relay-based,ATM-based) it generates in addition to data received from macro networkplatform 1610. Furthermore, server(s) 1682 can effect provisioning offemto cell service, and effect operations and maintenance. It is to benoted that server(s) 1682 can include one or more processors configuredto provide at least in part the functionality of femto network platform1680. To that end, the one or more processors can execute codeinstructions stored in memory 1686, for example.

With respect to FIG. 17, in embodiment 1700, femto AP 1710 can receiveand transmit signal(s) from and to wireless devices like macro and femtoaccess points, access terminals, wireless ports and routers, and thelike, through a set of antennas 1769 ₁-1769 _(N). It should beappreciated that while antennas 1769 ₁-1769 _(N) are a part ofcommunication platform 255, which comprises electronic components andassociated circuitry that provides for processing and manipulation ofreceived signal(s) and signal(s) to be transmitted. In an aspect,communication platform 255 includes a receiver/transmitter 1766 that canconvert signal from analog to digital upon reception, and from digitalto analog upon transmission. In addition, receiver/transmitter 1766 candivide a single data stream into multiple, parallel data streams, orperform the reciprocal operation. Coupled to receiver/transmitter 1766is a multiplexer/demultiplexer 1767 that facilitates manipulation ofsignal in time and frequency space. Electronic component 1767 canmultiplex information (e.g., data/traffic and control/signaling)according to various multiplexing schemes such as time divisionmultiplexing (TDM), frequency division multiplexing (FDM), orthogonalfrequency division multiplexing (OFDM), code division multiplexing(CDM), space division multiplexing (SDM). In addition, mux/demuxcomponent 1767 can scramble and spread information (e.g., codes)according to substantially any code known in the art; e.g.,Hadamard-Walsh codes, Baker codes, Kasami codes, polyphase codes, and soon. A modulator/demodulator 1768 is also a part of operational group1725, and can modulate information according to multiple modulationtechniques, such as frequency modulation, amplitude modulation (e.g.,M-ary quadrature amplitude modulation (QAM), with M a positive integer),phase-shift keying (PSK), and the like.

Femto acces point 1710 also includes a processor 1735 configured toconfer functionality, at least partially, to substantially anyelectronic component in the femto access point 1710. In particular,processor 1735 can facilitate access management component 235 supplyingfixed differentiated QoS in accordance with aspects disclosed herein. Inaddition, processor 1735 can facilitate operations on data (e.g.,symbols, bits, or chips) for multiplexing/demultiplexing, such aseffecting direct and inverse fast Fourier transforms, selection ofmodulation rates, selection of data packet formats, inter-packet times,etc. A memory 1755 can store data structures, code instructions, systemor device information like policies and specifications, code sequencesfor scrambling, spreading and pilot transmission, floor planconfiguration, access point deployment and frequency plans, schedulingpolicies, and so on.

In embodiment 1700, processor 1734 is coupled to the memory 1755 inorder to store and retrieve information necessary to operate and/orconfer functionality to communication platform 255, access managementcomponent 235, and other operational aspects of femto access point 1710.

As it employed in the subject specification, the term “processor” canrefer to substantially any computing processing unit or devicecomprising, but not limited to comprising, single-core processors;single-processors with software multithread execution capability;multi-core processors; multi-core processors with software multithreadexecution capability; multi-core processors with hardware multithreadtechnology; parallel platforms; and parallel platforms with distributedshared memory. Additionally, a processor can refer to an integratedcircuit, an application specific integrated circuit (ASIC), a digitalsignal processor (DSP), a field programmable gate array (FPGA), aprogrammable logic controller (PLC), a complex programmable logic device(CPLD), a discrete gate or transistor logic, discrete hardwarecomponents, or any combination thereof designed to perform the functionsdescribed herein. Processors can exploit nano-scale architectures suchas, but not limited to, molecular and quantum-dot based transistors,switches and gates, in order to optimize space usage or enhanceperformance of user equipment. A processor may also be implemented as acombination of computing processing units.

In the subject specification, terms such as “data store,” data storage,”“database,” and substantially any other information storage componentrelevant to operation and functionality of a component, refer to “memorycomponents,” or entities embodied in a “memory” or components comprisingthe memory. For example, information relevant to operation of variouscomponents described in the disclosed subject matter, and that can bestored in a memory, can comprise, but is not limited to comprising,subscriber information; femtocell configuration (e.g., devices served bya femto AP; access control lists, or white lists) or service policiesand specifications; privacy policies; and so forth. It will beappreciated that the memory components described herein can be eithervolatile memory or nonvolatile memory, or can include both volatile andnonvolatile memory. By way of illustration, and not limitation,nonvolatile memory can include read only memory (ROM), programmable ROM(PROM), electrically programmable ROM (EPROM), electrically erasable ROM(EEPROM), phase change memory (PCM), or flash memory. Volatile memorycan include random access memory (RAM), which acts as external cachememory. By way of illustration and not limitation, RAM is available inmany forms such as synchronous RAM (SRAM), dynamic RAM (DRAM),synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhancedSDRAM (ESDRAM), Synchlink DRAM (SLDRAM), and direct Rambus RAM (DRRAM).Additionally, the disclosed memory components of systems or methodsherein are intended to comprise, without being limited to comprising,these and any other suitable types of memory.

Various aspects or features described herein may be implemented as amethod, apparatus, or article of manufacture using standard programmingand/or engineering techniques. The term “article of manufacture” as usedherein is intended to encompass a computer program accessible from anycomputer-readable device, carrier, or media. For example, computerreadable media can include but are not limited to magnetic storagedevices (e.g., hard disk, floppy disk, magnetic strips . . . opticaldisks (e.g., compact disk (CD), digital versatile disk (DVD), Blu-raydisc (BD), . . . ), smart cards, and flash memory devices (e.g., card,stick, key drive . . . ).

What has been described above includes examples of systems and methodsthat provide advantages of the subject innovation. It is, of course, notpossible to describe every conceivable combination of components ormethodologies for purposes of describing the claimed subject matter, butone of ordinary skill in the art may recognize that many furthercombinations and permutations of the claimed subject matter arepossible. Furthermore, to the extent that the terms “includes,” “has,”“possesses,” and the like are used in the detailed description, claims,appendices and drawings such terms are intended to be inclusive in amanner similar to the term “comprising” as “comprising” is interpretedwhen employed as a transitional word in a claim.

1. A system that facilitates management of access to femto cellcoverage, comprising: a femto access point that provides access to thefemto cell coverage and a subset of services to at least onecommunication device included in an access control list associated withthe femto access point; and an access management component that utilizesan access criteria to edit the access control list, the access criteriaincluding criteria for adding a communication device to the accesscontrol list and criteria for automatically removing the addedcommunication device from the access control list.
 2. The system ofclaim 1, the access control list configured to include a white list, thewhite list listing a set of communication devices for which access tothe femto cell coverage and subset of services is provided.
 3. Thesystem of claim 1, the access control list configured to include a blacklist, the black list listing a set of communication devices for whichaccess to the femto cell coverage and subset of services is denied. 4.The system of claim 1 further comprising a timing component, the accesscriteria including a time-dependent algorithm that depends on datareceived from the timing component.
 5. The system of claim 1, the accesscriteria including a device-dependent algorithm that depends on receiveddata that includes identifying characteristics of the device.
 6. Thesystem of claim 1, the access criteria including an algorithm thatdepends on data related to a diagnostic of the femto cell coverage. 7.The system of claim 1, the access criteria including an algorithm thatdepends on data related to a diagnostic of a macro network linked to thefemto cell coverage.
 8. The system of claim 1, the access criteriaincluding a password-dependent algorithm that depends on a passwordreceived from a user associated with the device.
 9. The system of claim1, the access criteria including a service-dependent algorithm thatdepends on a type of service requested by the device.
 10. A method thatfacilitates management of access to femto cell coverage, comprising:storing an access control list in a memory component, the access controllist associated with a femto access point, the femto access pointproviding access to the femto cell coverage and a subset of services toat least one communication device included in the access control list;adding a communication device to the access control list according to afirst set of criteria; and removing the added communication device fromthe access control list according to a second set of criteria.
 11. Themethod of claim 10 further comprising configuring a white list as partof the access control list, the white list configured to list a set ofcommunication devices for which access to the femto cell coverage andsubset of services is provided.
 12. The method of claim 10 furthercomprising configuring a black list as part of the access control list,the black list configured to list a set of communication devices forwhich access to the femto cell coverage and subset of services isdenied.
 13. The method of claim 10 further comprising receiving datafrom a timing component, the first set of criteria including atime-dependent algorithm that depends on the data received from thetiming component.
 14. The method of claim 10 further comprisingreceiving data from a timing component, the second set of criteriaincluding a time-dependent algorithm that depends on the data receivedfrom the timing component.
 15. The method of claim 10 further comprisingreceiving data identifying a service carrier associated with the device,the first set of criteria including a carrier-dependent algorithm thatdepends on the service carrier associated with the device.
 16. Themethod of claim 10 further comprising receiving data related to adiagnostic of a macro network linked to the femto cell coverage, thefirst set of criteria including an algorithm that depends on thediagnostic of the macro network.
 17. The method of claim 10 furthercomprising receiving data related to a diagnostic of a macro networklinked to the femto cell coverage, the second set of criteria includingan algorithm that depends on the diagnostic of the macro network. 18.The method of claim 10 further comprising receiving data identifying atype of service requested by the device, the first set of criteriaincluding a service-dependent algorithm that depends on the type ofservice requested by the device.
 19. The method of claim 10 furthercomprising receiving data identifying a type of service requested by thedevice, the second set of criteria including a service-dependentalgorithm that depends on the type of service requested by the device.20. An apparatus comprising: means for storing an access control list ina memory component, the access control list associated with a femtoaccess point, the femto access point providing access to a femto cellcoverage and a subset of services to at least one communication deviceincluded in the access control list; means for adding a communicationdevice to the access control list according to a first set of criteria;and means for removing the added communication device from the accesscontrol list according to a second set of criteria.